Medium severity6.3NVD Advisory· Published Dec 28, 2025· Updated Apr 29, 2026
CVE-2025-15139
CVE-2025-15139
Description
A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub_43ACF4 of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
2cpe:2.3:o:trendnet:tew-822dre_firmware:1.00b21:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:trendnet:tew-822dre_firmware:1.00b21:*:*:*:*:*:*:*
- cpe:2.3:o:trendnet:tew-822dre_firmware:1.01b06:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- pentagonal-time-3a7.notion.site/TRENDnet-TEW-822DRE-Command-Injection-2c9e5dd4c5a580f190e9c411ad627e9anvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.